Search breach records by email address

curl --request POST \ --url https://api.vantaprism.me/v1/search/emails \ --header 'Content-Type: application/json' \ --header 'api-key: <api-key>' \ --data ' { "emails": [ "john.doe@acme-corp.com" ], "limit": 25 } '

{ "data": [ { "stealer_id": "<string>", "victim_id": "<string>", "username": "<string>", "password": "<string>", "domain": "<string>", "url": "<string>", "infection_date": "2023-11-07T05:31:56Z" } ], "meta": { "request_id": "req_01HZXK3Q7N8YV6F3M2P9JABCDE", "took_ms": 42.7, "tier": "pro", "masked_fields": [ "password", "ip" ], "freshness_at": "2023-11-07T05:31:56Z" }, "nextCursor": "<string>" }

Authorizations

api-key

string

header

required

Static API key, format vp_<env>_<8-hex-prefix>.<40-hex-secret>. Preferred header for server-to-server integrations.

Body

application/json

emails

string<email>[]

required

Email addresses to look up, lowercased automatically.

Minimum array length: 1

Example:

["john.doe@example.com"]

type

enum<string>

default:both

employees = corporate emails matching the searched domain(s); users = end-user accounts with the domain in their saved URL; both = no filter. See Domain Intelligence Overview.

Available options:

employees,

users,

both

start_date

string<date-time> | null

end_date

string<date-time> | null

sort_direction

enum<string>

default:desc

Sort order applied to inserted_at. Must stay constant across paginated requests using the same cursor.

Available options:

asc,

desc

cursor

string | null

limit

integer

default:25

Required range: 1 <= x <= 500

Response

Matching records

data

object[]

required

Show child attributes